Quick and dirty interim solution
1. Add a server with its own private storage to the network share and regularly copy changed files in the network share to the private storage.
Something like rsync --backup --suffix `date +%Y%m%dT%H%M%S`
network_share private_storage
2. Image disks of of client machines whose function is important
Once you have these in place, you start a strategic review of ransomware strategy.